Sign in Subscribe

← All advisories

Unrated severityNVD Advisory· Published Oct 21, 2025· Updated Oct 21, 2025

OS command injection using information obtained from the web management interface

CVE-2025-6541

Description

An arbitrary OS command may be executed on the product by the user who can log in to the web management interface.

Affected products

3

TP-Link Systems Inc./Festa gatewaysv5
Range: 0
TP-Link Systems Inc./Omada gatewaysv5
Range: 0
TP-Link Systems Inc./Omada Pro gatewaysv5
Range: 0

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

4

support.omadanetworks.com/en/document/108455/mitrevendor-advisory
www.omadanetworks.com/us/business-networking/all-omada-router/mitreproduct
www.omadanetworks.com/us/business-networking/omada-pro-router-wired-router/mitreproduct
www.tp-link.com/us/business-networking/soho-festa-gateway/mitreproduct

News mentions

0

No linked articles in our index yet.